Loading...
Loading...
Found 9,230 Skills
Generate llms.txt and llms-full.txt files for a website to improve AI discoverability. Use when the user asks to create llms.txt, generate llms.txt, fix llms.txt, make site AI-readable, or mentions llms.txt generation.
Analyze binaries using the Domain API for IDA Pro. Use when examining program structure, functions, disassembly, cross-references, or strings.
Theme speed and UX optimization — Core Web Vitals, Liquid code, image loading, mobile responsiveness
Use when the user has an SRT (or transcript text) in one language and wants it translated to another, with punctuation-bounded re-segmentation so cues end at real sentence breaks. Simplified Chinese (zh-CN) and English (en) are first-class targets; other targets follow the same rules. Outputs a target-language SRT or bilingual SRT — no audio, no burn-in. Triggers — "翻译字幕", "翻成中文", "translate this SRT", "中英双语字幕", "把这个 SRT 翻译成 X", "bilingual subtitles".
Use this skill to scaffold new Expo / React Native design system components that obey the expo-design-system rules by construction — a variant-driven pressable primitive, a slot-based card surface, a typed text primitive, a labeled form field, a FlashList entity screen, a theme token group, and a Storybook variant catalog. Trigger whenever the user wants to create, add, generate, or scaffold a new shared UI component, primitive, design token group, or screen for the clinic mobile app, even if they don't mention the design system — the generated code uses Unistyles v3 variants instead of style props, ref-as-prop, design tokens, built-in accessibility, and web/iOS parity (`_web` hover/focus/cursor on interactive primitives), so it follows expo-design-system without rework. Output is TSX/TS using react-native-unistyles.
Run technical SEO audit. Use when: checking Core Web Vitals, crawlability, indexation, speed, or structured data.
Configure code scanning in Harness pipelines using STO security scanners. Helps identify where to inject SAST/SCA scanning steps into existing pipelines, recommends appropriate scanners, and configures them with proper connector references. Use when asked to add code scanning, configure security scans, set up SAST/SCA, integrate vulnerability scanning, or add security checks to a pipeline. Trigger phrases: add code scanner, configure repo scan, set up SAST, add security scan, configure vulnerability scanning, integrate scanner.
When the user wants to analyze Google Ads performance by device, geography, day of week, hour of day, or any combination of these dimensions. Also triggers on 'device performance', 'mobile vs desktop', 'bid adjustments', 'geo performance', 'location targeting', 'dayparting', 'ad schedule', 'hourly performance', 'device modifiers', 'geo bid adjustments', 'best time to run ads', 'location exclusions', or 'campaign splits by device or geo'. For full campaign structure see google-ads-search. For Smart Bidding see google-ads-bidding.
Validates a UX spec, HUD design, or interaction pattern library for completeness, accessibility compliance, GDD alignment, and implementation readiness. Produces APPROVED / NEEDS REVISION / MAJOR REVISION NEEDED verdict with specific gaps.
Critique a screen's typography — scale usage, readability, consistency, and token compliance.
Vendor-neutral skill to analyze API reliability metrics and summarize error budget burn with mitigation guidance.
Complete bug bounty workflow — recon (subdomain enumeration, asset discovery, fingerprinting, HackerOne scope, source code audit), pre-hunt learning (disclosed reports, tech stack research, mind maps, threat modeling), vulnerability hunting (IDOR, SSRF, XSS, auth bypass, CSRF, race conditions, SQLi, XXE, file upload, business logic, GraphQL, HTTP smuggling, cache poisoning, OAuth, timing side-channels, OIDC, SSTI, subdomain takeover, cloud misconfig, ATO chains, agentic AI), LLM/AI security testing (chatbot IDOR, prompt injection, indirect injection, ASCII smuggling, exfil channels, RCE via code tools, system prompt extraction, ASI01-ASI10), A-to-B bug chaining (IDOR→auth bypass, SSRF→cloud metadata, XSS→ATO, open redirect→OAuth theft, S3→bundle→secret→OAuth), bypass tables (SSRF IP bypass, open redirect bypass, file upload bypass), language-specific grep (JS prototype pollution, Python pickle, PHP type juggling, Go template.HTML, Ruby YAML.load, Rust unwrap), and reporting (7-Question Gate, 4 validation gates, human-tone writing, templates by vuln class, CVSS 3.1, PoC generation, always-rejected list, conditional chain table, submission checklist). Use for ANY bug bounty task — starting a new target, doing recon, hunting specific vulns, auditing source code, testing AI features, validating findings, or writing reports. 中文触发词:漏洞赏金、安全测试、渗透测试、漏洞挖掘、信息收集、子域名枚举、XSS测试、SQL注入、SSRF、安全审计、漏洞报告